item 12395966

Dropbox employee’s password reuse led to theft of 60M+ user credentials

294 points | prostoalex | 9 years ago | techcrunch.com

101 comments

[+] runesoerensen|9 years ago|reply
[+] jsmthrowaway|9 years ago|reply
It was pretty neat to read Troy's line there about sending emails out near the end, raise an eyebrow, tap over to my inbox and hear an immediate and satisfying ding. I highly recommend the HIBP service, hiding your e-mail from showing up in public searches (important for opsec), and donating whatever you can to Troy.

Truly essential service and I'd be happy to pay more. Even with good password discipline it's useful knowledge on your exposure.

[+] raingrove|9 years ago|reply
~It's pretty shocking that the SHA1-hashed passwords weren't salted.~

Edit: I misread the article. It says the leaked hashes were salted, but the leak didn't include the salts.

[+] rjbwork|9 years ago|reply
This is a really good reason to be careful about what you log to log analytics platforms. I just recently implemented an ETL system that has the credentials (along with other stuff about the job) for data access passed into it from a PaaS framework. While I want to log the information, I don't want to log my DB connection strings! It's very easy to overlook such things and produce them as part of application logging/exhaust without realizing it, especially now that we have mass adoption of things like Splunk, Logg.ly, CloudFront, Cortana Analytics, Elmah.IO, LogEntries, Seq, and a dozen others.
[+] rdtsc|9 years ago|reply
> It's very easy to overlook such things and produce them as part of application logging/exhaust without realizing it

Very true. It is a constant battle between debuggability and not leaking credentials.

In Erlang for example, when processes crash they dump their state, their neighbours, links to other processes, and other such useful stuff. That's very helpful, however it means it could dump credentials as well.

Luckily there is a custom function to format the state of a process http://erlang.org/doc/man/gen_server.html#Module:format_stat... which helps with that. But you have to implement that for each process which holds credentials.

Also some of those log ingesting services provide a pre-indexer credentials filtering. I know Splunk has it:

http://docs.splunk.com/Documentation/Splunk/6.4.3/Data/Anony...

Of course it is better if it is filtered out before that. But it could be a safety net perhaps.

[+] dotancohen|9 years ago|reply
I'm actually fixing an issue with this right now. My logging framework is capturing user passwords, so I've delayed the release one day while I blacklist certain known-sensitive information from the capture.
[+] joshka|9 years ago|reply
Alternatively use managed service accounts. You shouldn't even know or be able to expose the db connection credentials - let AD manage that for you. This is Windows specific advice and obviously doesn't count if your services don't support this (log a bug in the product if it doesn't).
[+] lima|9 years ago|reply
Also Linux kernel logs. Kernel ASLR requires kernel addresses to be secret, yet dmesg is full of them sometimes and you usually ship those out over unencrypted syslog.
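
The problem rdtsc, dotancohen and lima describe above (connection strings and passwords leaking into application logs, kernel addresses leaking through dmesg) is commonly handled with a redaction pass that runs before log lines leave the host, ahead of whatever filtering the log service offers. The following is an added example and is not code from the thread, from Splunk, or from Erlang/OTP; the redaction rules and the sample log lines are constructed for illustration and would need tuning to real log formats.

```python
import re

# Redaction rules: (compiled pattern, replacement). Constructed for this example; real log
# formats differ, so treat these as a starting point and add rules as new leaks are found.
REDACTION_RULES = [
    # key=value / "key": "value" credentials, e.g. connection strings, query strings, JSON bodies
    (re.compile(r'(?i)\b(password|passwd|pwd|secret|api[_-]?key|token)("?\s*[=:]\s*"?)([^;&\s"\']+)'),
     r'\1\2[REDACTED]'),
    # userinfo embedded in URLs: scheme://user:password@host
    (re.compile(r'(\w+://[^:/\s]+:)([^@\s]+)(@)'), r'\1[REDACTED]\3'),
    # HTTP Authorization headers (Basic and Bearer)
    (re.compile(r'(?i)(authorization:\s*(?:basic|bearer)\s+)(\S+)'), r'\1[REDACTED]'),
    # 64-bit kernel-half virtual addresses as dmesg prints them (KASLR makes these sensitive)
    (re.compile(r'\b(?:0x)?ffff[0-9a-f]{12}\b'), '[KADDR]'),
]


def redact(line: str) -> str:
    """Apply every rule to one log line, before it is shipped anywhere."""
    for pattern, replacement in REDACTION_RULES:
        line = pattern.sub(replacement, line)
    return line


def redact_stream(lines):
    """Redact an iterable of lines; returns (redacted_lines, number_of_lines_changed)."""
    out, changed = [], 0
    for line in lines:
        clean = redact(line)
        changed += clean != line
        out.append(clean)
    return out, changed


# Constructed sample lines: an ETL job log, a DB URL, an HTTP trace, a JSON event, a dmesg fragment.
SAMPLE_LOG_LINES = [
    'INFO job=nightly-etl conn="Server=db1;Database=sales;User Id=etl;Password=Sup3rS3cret!;"',
    'DEBUG connecting to postgres://etl:hunter2@db1:5432/sales',
    'DEBUG request headers: Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.payload.signature',
    '{"event": "login", "user": "etl", "password": "hunter2"}',
    '[    1.234567] RIP: 0010:__do_softirq+0x12/0x34 RSP: 0018:ffffb0c3c0003f00',
    'INFO job=nightly-etl rows=12345 status=ok',
]

if __name__ == "__main__":
    cleaned, n = redact_stream(SAMPLE_LOG_LINES)
    for before, after in zip(SAMPLE_LOG_LINES, cleaned):
        print(f"{before}\n -> {after}")
    print(f"{n} of {len(SAMPLE_LOG_LINES)} lines redacted")
```

The non-secret context (job name, database, user id, register names) survives, which is the debuggability half of the trade-off rdtsc mentions; only the values an attacker could reuse are replaced. A denylist like this will always lag behind new leak shapes, so it complements, rather than replaces, keeping credentials out of process state in the first place.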
[+] aram|9 years ago|reply
Completely agree. Here's another example: BitDefender (antivirus) passes your email and MD5 of your password in the hash when you want to go to your dashboard. When I contacted them more than 1 year ago about it, their "senior e-threat analyst" said it's nothing to worry about. Absolutely ridiculous.

What to do when the company is ignorant and continues to use something as stupid as that?

[+] lawpoop|9 years ago|reply
For this reason, and others (version control, backups), I think we need to move to key authentication, ring of trust, etc.
[+] skyrw|9 years ago|reply
It's [Current Year] and [Semi-Respectable Tech Blog] still doesn't know the difference between encryption and hashing.
[+] Mahn|9 years ago|reply
> Because Dropbox stores its user passwords encrypted [...]

> [...] batch of encrypted passwords [...]

> [...] from using the encryption algorithm SHA-1

> Some of the stolen passwords were encrypted with SHA-1, while 32 million were encrypted with bcrypt

> The passwords were also secured with a salt, a random data string added to strengthen the encryption.

> it does not appear that the encryption protecting them has been cracked.

I know it's completely tangential and I'm just nitpicking but damn that does bother me more than it should.

[+] roel_v|9 years ago|reply
Does it matter in this context? What tangible benefit is there for end-users, those that need education the most, to know the difference?
[+] knweiss|9 years ago|reply
Quote: "Dropbox was moving away from using the encryption algorithm SHA-1"
[+] franciscop|9 years ago|reply
> "it does not appear that the encryption protecting them has been cracked"

Please, TechCrunch, you are making it sound like you are talking about actual encryption while you are really talking about hashing. From that sentence people would believe that it takes a single "crack" to get them all.

The magic of bcrypt (and hashing in general) is that probably some low-hanging fruits have been picked already while any non-trivial password remains secure.

[+] fizbin|9 years ago|reply
And worse, when you actually need to talk about someone screwing up and encrypting passwords (see http://www.xkcd.com/1286/ ), this mis-education of your readers will have to be carefully undone first.
[+] corv|9 years ago|reply
Glad I deleted my account a while back.

Hopefully all these clouds will pass over and we can get back to personal computing.

[+] a_imho|9 years ago|reply
I did too, but I'm not sure if it has any effects other than maybe setting a disabled flag somewhere.
[+] mkj|9 years ago|reply
Are there any decent technical measures to discourage password reuse across sites? Server generates the password?
[+] FullMtlAlcoholc|9 years ago|reply
As a recent convert, I highly recommend using a password manager (Lastpass, Dashlane, 1Password, etc.).

For sites where I don't really care about security (present company included :), I use a passphrase, usually in the form of a mnemonic. As an example, the password I may choose for this site would be "Hack_G1bson_RedPill_KungFooey". Much easier to remember and it only makes sense to me. Also, for apps like Dropbox, you better be using multi-factor authentication.

I can't do this for every site because of their tyrannical password requirements. I wish they used overall password complexity as an entropy threshold instead of 1 lower, 1 upper, etc.
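
The alternative FullMtlAlcoholc asks for above, an overall entropy threshold instead of "1 lower, 1 upper, etc." composition rules, is easy to put side by side with the rule it would replace. The following is an added example, not code from the thread or from any site mentioned; the 60-bit threshold, the character-class model and the tiny denylist are constructed for illustration (a real deployment would check against a breached-password corpus rather than a handful of literals).

```python
import math
import string

# Character classes for the size-of-alphabet estimate.
LOWER, UPPER, DIGITS = string.ascii_lowercase, string.ascii_uppercase, string.digits
SYMBOLS = string.punctuation + " "   # the space in passphrases counts as a symbol
CLASSES = [LOWER, UPPER, DIGITS, SYMBOLS]

# Constructed denylist standing in for a breached-password corpus.
DENYLIST = {"password", "p@ssw0rd", "123456", "qwerty", "letmein"}


def alphabet_size(password: str) -> int:
    """Size of the union of character classes the password draws from."""
    size = sum(len(cls) for cls in CLASSES if any(c in cls for c in password))
    # Characters outside the four classes (e.g. non-ASCII) each count as their own symbol.
    size += len({c for c in password if not any(c in cls for cls in CLASSES)})
    return size


def estimated_entropy_bits(password: str) -> float:
    """Upper-bound estimate: length * log2(alphabet). It assumes every character was chosen
    uniformly from the alphabet, which dictionary words and keyboard patterns violate, so it
    must be paired with a denylist rather than trusted on its own."""
    if not password:
        return 0.0
    return len(password) * math.log2(alphabet_size(password))


def composition_rule_ok(password: str) -> bool:
    """The classic '8+ characters, one of each class' rule the comment objects to."""
    return len(password) >= 8 and all(any(c in cls for c in password) for cls in CLASSES)


def entropy_threshold_ok(password: str, min_bits: float = 60.0) -> bool:
    """Accept any password that clears the bit threshold and is not a known-weak value."""
    if password.casefold() in DENYLIST:
        return False
    return estimated_entropy_bits(password) >= min_bits


def evaluate(password: str) -> dict:
    """Both verdicts for one candidate, for comparing the two policies."""
    return {
        "bits": round(estimated_entropy_bits(password), 1),
        "composition_rule": composition_rule_ok(password),
        "entropy_threshold": entropy_threshold_ok(password),
    }


if __name__ == "__main__":
    for candidate in ["Hack_G1bson_RedPill_KungFooey",   # the passphrase from the comment
                      "correct horse battery staple",    # passes entropy, fails composition
                      "Xk9#pqLm",                        # passes composition, fails entropy
                      "P@ssw0rd"]:                       # passes composition, on the denylist
        print(f"{candidate!r}: {evaluate(candidate)}")
```

The two policies disagree in both directions: the passphrase style the comment describes clears the threshold but a lowercase-only passphrase fails the composition rule, while an eight-character "one of each" password satisfies the rule yet lands near 52 bits. The denylist is what stops the estimate from being fooled by `P@ssw0rd`, which looks like 52 bits of four-class material and is in fact one of the most common passwords.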

[+] Hermel|9 years ago|reply
Enforcing arbitrary password rules. "Must contain at least two '$' characters", "Cannot contain more than one '?'", etc.

However, I think being able to use the same stupid password on all sites I do not care about is a feature rather than a bug.

[+] dewiz|9 years ago|reply
Perhaps someone could come up with a service saying "sorry, this password has already been used somewhere on the Internet, are you sure you want to proceed?". Sites would have to adopt it, à la reCAPTCHA.
[+] fizbin|9 years ago|reply
Don't store passwords at all if you can avoid it. Then, bend over backwards to avoid it.

Do all login through OAuth or the related proprietary "login with" mechanisms Facebook and Twitter have. Offer your users a choice of mechanism, in the signup flow, and don't require that they first set up a password that they then replace with login-with-(whatever).

If you can't imagine what this looks like, open an incognito browser and go through the signup-for-an-account flow at stackoverflow.com. That should be what you're aiming for.

[+] hiram112|9 years ago|reply
There are plenty of technical solutions to this problem.

None that will not dissuade potential paying customers, though.

[+] spullara|9 years ago|reply
I generate them using Apple keychain
[+] jpalomaki|9 years ago|reply
If two-factor authentication or single sign-on is not an option, should you force at least partly random passwords for employees to prevent password re-use?

In the past this would have been considered bad practice, since nobody can remember that kind of password, but nowadays it is pretty clear that everybody (in IT) is either using some password manager or reusing their passwords between systems.

(And to clarify, I'm not talking about end users of service like Dropbox, but people who are working with security sensitive stuff on the backend)

[+] matt_wulfeck|9 years ago|reply
I really wish HIBP would actually send me the data related to my email. I currently have no way of knowing the current password except by going on to some shady website and downloading a dump. Why not provide the option to send it to the user's email address?
[+] bigiain|9 years ago|reply
Ummmm, wat?

You have no way to know the password you set on sites you signed up with, except from pastes of breaches?

I don't think that's a problem Troy needs to fix...

I think he's chosen very smartly to explicitly and publicly _not_ know anything about the passwords, and only store email addresses. If you think 60mil Dropbox passwords sounds like a spectacular fail, imagine the headlines if an attacker got into HIBP and exfiltrated 1.3 _billion_ passwords (or password hashes)! It'd be the first "Unicorn credential breach" ;-)

[+] CameronBanga|9 years ago|reply
Why would this ever be valuable? Never mind it's probably a huge liability risk to Troy, who runs the service for free.
[+] raesene6|9 years ago|reply
Well in this case all you would have received is a salted hash without the salt, which would be pretty useless.

So that's only useful where cleartexts are breached and there he'd then have the massive headache of securing that data.

The best approach if this is a concern for you would be for you to store a password history of ones that you have used and when you changed them.

[+] koolba|9 years ago|reply
> Some of the stolen passwords were encrypted with SHA-1, while 32 million were encrypted with bcrypt, Motherboard reports. The passwords were also secured with a salt, a random data string added to strengthen the encryption. Even though these passwords have now been dumped online, it does not appear that the encryption protecting them has been cracked.

Whenever I've seen passwords stored without a salt it's either because there is no salt or the salt is derived from the username. If it's the latter, it's only a matter of time till the specifics are figured out.

I'd be very surprised if there is a random salt for each of the SHA-1 passwords that's stored separately from the hashes themselves.
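
The hashing-versus-encryption distinction franciscop and Mahn draw above, and koolba's point about a random salt stored with each record rather than derived from the username, both come down to how the stored record is built and checked. The following is an added example and is not code from the thread or from Dropbox; it uses PBKDF2-HMAC-SHA256 from the standard library as a stand-in for bcrypt (which is not in the standard library), and the record format, iteration count and salt size are choices made for this example.

```python
from __future__ import annotations

import base64
import hashlib
import hmac
import os

# Parameters for new records. Constructed for this example; tune the cost to your hardware.
ALGO = "pbkdf2_sha256"
ITERATIONS = 200_000
SALT_BYTES = 16


def legacy_sha1(password: str) -> str:
    """Unsalted SHA-1, the kind of record the article says Dropbox was moving away from.
    Shown only so the migration path below can be demonstrated; never use for new records.
    Note that equal passwords give equal records, so one crack covers every user sharing it."""
    return "sha1$" + hashlib.sha1(password.encode("utf-8")).hexdigest()


def hash_password(password: str, iterations: int = ITERATIONS) -> str:
    """Return a self-describing record: algorithm, cost, random per-record salt, digest.
    There is no key anywhere: nothing here can be 'decrypted', only recomputed and compared."""
    salt = os.urandom(SALT_BYTES)   # fresh random salt per record, stored beside the digest
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return "$".join([ALGO, str(iterations),
                     base64.b64encode(salt).decode("ascii"),
                     base64.b64encode(digest).decode("ascii")])


def verify_password(password: str, record: str) -> bool:
    """Recompute the digest with the record's own salt and cost, then compare in constant time."""
    parts = record.split("$")
    if parts[0] == "sha1":
        expected = bytes.fromhex(parts[1])
        candidate = hashlib.sha1(password.encode("utf-8")).digest()
    elif parts[0] == ALGO:
        iterations = int(parts[1])
        salt = base64.b64decode(parts[2])
        expected = base64.b64decode(parts[3])
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    else:
        return False
    return hmac.compare_digest(candidate, expected)


def needs_rehash(record: str) -> bool:
    """True for legacy records and for records below the current cost."""
    parts = record.split("$")
    return parts[0] != ALGO or int(parts[1]) < ITERATIONS


def login(password: str, record: str) -> tuple[bool, str]:
    """Verify, and on success upgrade the stored record if it is legacy or under-cost.
    Login is the only moment the cleartext is available to re-hash, which is why a
    migration away from SHA-1 can only finish once every user has logged in."""
    if not verify_password(password, record):
        return False, record
    if needs_rehash(record):
        record = hash_password(password)
    return True, record


if __name__ == "__main__":
    # Two users who chose the same password: identical under unsalted SHA-1, distinct when salted.
    print(legacy_sha1("hunter2") == legacy_sha1("hunter2"))      # True
    print(hash_password("hunter2") == hash_password("hunter2"))  # False
    ok, upgraded = login("hunter2", legacy_sha1("hunter2"))
    print(ok, upgraded.split("$")[0])                            # True pbkdf2_sha256
```

Because the salt travels with the record, a leak of the whole table still forces a separate guessing run per record, which is the "low-hanging fruit picked, non-trivial passwords remain secure" behaviour franciscop describes; a leak of digests without their salts, as raesene6 notes, cannot even be verified against a candidate. A salt derived from the username would reintroduce a shortcut, since the attacker already has the usernames.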

[+] 0xmohit|9 years ago|reply
The report doesn't contain many details, but 2-factor auth might have helped.

What is also not apparent is whether the stolen credentials were utilized to pull off data from the accounts? Users might have had sensitive documents stored!

[+] themihai|9 years ago|reply
You would think Dropbox doesn't behave like a startup anymore... Proves again that simply passing the responsibilities to a "cloud" provider doesn't fix the security issues.
[+] icebraining|9 years ago|reply
Well, the leak is from 2012. But unfortunately, startups are hardly unique in mishandling their passwords, there are plenty of large companies on http://plaintextoffenders.com/

At least their passwords were hashed!

[+] pilif|9 years ago|reply
> is an evolution of the company’s stance on the 2012 incident

What a nice way to say that they lied before and that they are now finally coming clean - three years too late.

[+] 0xmohit|9 years ago|reply
> three years too late

From 2012 to 2016 -- it'd be four.

[+] beilabs|9 years ago|reply
Changed the email on Dropbox about 2 years ago; seems like I've been pwned on the old email with the same password.

Incredibly poor response from Dropbox on this issue.

[+] iagooar|9 years ago|reply
The email Dropbox sent me was talking about a preventive measure. Did they lie?
[+] CiPHPerCoder|9 years ago|reply
SHA1 isn't encryption, it's a hash function.
[+] bandrami|9 years ago|reply
Somebody remind me what's justifying those six-figure tech salaries that are pricing everybody else out of the Bay Area?
[+] impe83|9 years ago|reply
OK, that's why I just got a Dropbox pop-up to change my password :P